RE: [Algorithms] Message signature in token ring
Brought to you by:
vexxed72
Menu
▾
▴
RE: [Algorithms] Message signature in token ring
|
From: Tony C. <to...@mi...> - 2003-04-17 17:28:25
|
FWIW, I replied to Brian off-list on some of his specific points. I just wanted to make clear that my central point was about the folly of rolling one's own, and was not intended to be a commentary on open versus closed source, or any of the other various ways my comments have been misinterpreted. In any event, I'm not sure how productive this thread is continuing to be, so I think I'll stop now. Tony Cox - Development Lead, Hockey Microsoft Games Studios - Sports -----Original Message----- From: gda...@li... [mailto:gda...@li...] On Behalf Of Mat Noguchi ((BUNGIE)) Sent: Thursday, April 17, 2003 10:22 AM To: gda...@li... Subject: RE: [Algorithms] Message signature in token ring Well, even open code is prone to bugs/exploits that aren't readily considered due to experience or whatnot. Case in point, the timing attacks on OpenSSL that, experimentally at least, can extract the private RSA key. These attacks are pretty well known in the academic community (at least I assume they are; we learned about them in a survey crypto course), and the fact that no one even bothered to test or consider these attacks due to the conception that they're only effective against smart-cards and similarly low-bit encryption shows that even open-ness of code does not necessarily give said code some magical properties of being more scrutinized than closed code. Having "many eyes" looking at code doesn't help when those eyes have no idea what to look for. Most (public) exploits attributed to Windows aren't from kernel level flaws, but from higher level components that have buffer overruns or corrupt heap usage. Except for the csrss.exe bug. MSN -----Original Message----- From: Brian Hook [mailto:ho...@py...]=20 Sent: Thursday, April 17, 2003 10:01 AM To: gda...@li... Subject: RE: [Algorithms] Message signature in token ring >>Which is completely irrelevant. The point is that SOMEONE is=20 >>qualified, and if that code is not available for review, then NO ONE=20 >>except the people that wrote it in the first place are going to even=20 >>have that option. > >But that someone is unlikely to be a game developer. Pick code which=20 >has been reviewed by someone qualified rather than rolling you own. I don't think you're getting this. "Someone qualified" -- like who? =20 The code is written by a bunch of faceless entities randomly promoted=20 within an organization. My point still stands -- between trusting=20 "someone who might or might not be qualified and who may or may not=20 be writing good code" vs. "me", I'll take "me". It's not a case of NIH, I might add, it's a case of openness. I use=20 a lot of open source stuff for the very reason that I DO prefer that=20 experts be able to do stuff I'm only passingly familiar with, but I=20 get very leery when I'm asked to rely on someone else's code and A.)=20 I have no idea of their qualifications and B.) I can't see their=20 code. >I'm not sure where this turned into a DirectPlay discussion. Your=20 >comments are highly inaccurate - and I suspect your knowledge of=20 >DirectPlay is circa DirectX 6 at best. Please feel free to contact me=20 >off-list if you would like to be educated. No hand-waving, and concrete >examples guaranteed. It was an example of where your logic breaks down. It's not a slam=20 on DirectX, but merely pointing out another Microsoft API that has=20 generally been derided but which Microsoft has repeatedly claimed is=20 written by people that know this stuff better than "dumb" game=20 programmers. >Haha, that's funny. If you have a modern sound card, software mixing=20 >makes about as much sense as software rendering. Your experience is=20 >clearly dated. Still, I guess you're not writing for the leading edge=20 >any more, Brian. Is this why every piece of software I've used recently still retains=20 the option to disable hardware mixing? And please try not to make this personal, TONY. Ok? There are really only two fundamental truths here: 1. Software you write yourself, you can fix/port/extend. Software=20 provided by someone else in binary-only form, you cannot. 2. Software you write yourself has a chance of being of lesser or=20 higher quality than software written elsewhere. The odds of you=20 writing better software than "them" depends on a huge number of=20 factors, and blithely assuming either all libraries are broken or all=20 game programmers are stupid isn't really going to be accurate either=20 way. Anyway, this should probably migrate to general or sweng. -Hook |
